Discussion in 'malware problems & news' started by Carneyride, Jul 14, 2008.

Thread Status:
Not open for further replies.
  1. Carneyride

    Carneyride Registered Member

    Jun 14, 2008
    north east texas
    my friend got spysheriff from limewire, or thats what it seems to be from.

    He calls me (no one here is great with tech stuff, but im the best around >.<)
    he says some random anti-spyware popped up saying he was infected, and he didnt remember downloading it

    i tell him not to click anything, and ill be right over! so i get there and he's sitting with his head in his hands cursing. so im like tell me you didnt click anything.

    he said that when attempting to close firefox a popup got in the way, and he clicked it and it started a spysheriff scan! XD

    so yes, i had to reformat his hd...

    so my question, what EXACTLY does spysheriff do? he got it when his comp prompted him to download codec.exe on limewire for an mp3 file.. he said he thought codecs were for media files, so he hit save to disk.. which is scary cause several times i am prompted for codec.exe download on limewire.. i click cancel XD

    edit - ALSO!!!on my risk history for symantec,it says mg.exe denied access to symantex and is still on my computer..."adware.mediapass"

    makeitstop! says its in C:\Program Files\Zango... which doesnt show up even when showing hidden files and such
    Last edited by a moderator: Jul 14, 2008
  2. Tarq57

    Tarq57 Registered Member

    Oct 7, 2006
    Wellington NZ
    Here's the goss on what SpySheriff is/what it does. If you Google it, there are thousands of hits. One of many members of the rogue antispyware family. There are ways to get rid of it without having to reformat.
    Hopefully its a lesson learned. If you want to avoid this sort of thing in future, just don't download software via p2p. Scan everything you do download before running it. And if you need codecs for any reason, get them from a reputable source.
    To reiterate: downloading ANY software via p2p (or IM, or email attachments) is quite likely to lead to malware.
    adware mediapass info/removal
    Zango removal
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.